package com.cf.auth.config;

import lombok.AllArgsConstructor;
import lombok.SneakyThrows;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * 认证配置
 * @author ChenFeng
 * @date 2021/11/8 2:25 下午
 * @description
 */
@Configuration
@AllArgsConstructor
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {

    @Bean
    @Override
    @SneakyThrows
    public AuthenticationManager authenticationManagerBean() {
        return super.authenticationManagerBean();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return SwordPasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

    @Override
    @SneakyThrows
    protected void configure(HttpSecurity http) {
        http.httpBasic()
                .and()
                .csrf()
                .disable() // CRSF禁用，因为不使用session
                .authorizeRequests()
                .anyRequest() // 任何请求，访问的用户都需要经过认证
                .authenticated();  // 登陆用户可访问
//                .fullyAuthenticated(); // 非 remember me 登录的用户可访问。
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        // 忽略认证  不走过滤器
//        web.ignoring().antMatchers("/oauth/token");
    }

}
